[OpenAFS] OpenAFS still in development?

[Jeffrey Altman]

This is a cryptographically signed message in MIME format.

--------------ms090004050607080208010601
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Harald,

I do not believe that the OpenAFS mailing lists are an appropriate forum
to discuss AuriStor.  My response to Michael provided details on
AuriStor because I felt it was necessary in order to properly answer the
implied questions.

I encourage anyone that has questions about AuriStor to send them to
contact us via

  https://www.your-file-system.com/openafs/contact

On 6/21/2015 4:55 AM, Harald Barth wrote:
>=20
>> 4. Is AuriStor a replacement for OpenAFS?
>>
>> AuriStor is designed to be a general purpose, platform independent,
>> secure, distributed file system that can be successfully deployed
>> internally, across the Internet, and within public cloud services.
>> AuriStor is an IBM AFS(R) and OpenAFS compatible file system that
>> (...)
>>  . and more
>=20
> On=20
>=20
> https://www.your-file-system.com/openafs/auristor-comparison
>=20
> I have not found a list of supported platforms (client and server)
> comparison for OpenAFS and AuriStor. Because if it does not
> run on the platform, it's not a replacement.=20

The question of "supported platforms" is an interesting one because it
is very unclear what it means for OpenAFS to "support" a platform.  What
are the criteria?  Is it sufficient to say that if you can build OpenAFS
on the OS and hardware architecture that it is "supported"?

Or are there other requirements such as

 * there must be packaging available for the platform

 * there must be binaries distributed

   . from openafs.org

   . from the OS distribution

   . from a third party (including commercial support vendors)

 * there must be an extensive test suite that is passed

 * for OS vendors that require digital signatures there must
   be a signed distribution be present

 * technical support must be available

I am quite sure there are other criteria that could be added to the mix.

At the AFS and Kerberos Best Practice Workshops and the European AFS
Conferences the Gatekeepers have often included a list of OSes as part
of the OpenAFS Status Report.  Inclusion in the list has in general
meant that the referenced stable branch of OpenAFS builds on the listed
major version of the OS.  Inclusion of an OS in the list has not implied
much more than that because OpenAFS does not have an extensive test
suite to run and because binaries have not always been consistently
available.

For AuriStor to be "supported" requires the availability of tested,
signed (where applicable) and certified (where applicable) binaries.

The current list of OS families that YFSI is committed to supporting
includes

 * Linux
   . Red Hat Enterprise Linux
     (YFSI is a Red Hat Technology Partner)
   . Fedora
   . Debian
   . Ubuntu
 * Microsoft Windows
 * Apple OSX and iOS
 * Oracle Solaris
 * IBM AIX
 * Android

Servers are supported everywhere but on Windows, iOS and Android but the
performance varies significantly based upon the OS release, processor
architecture, and underlying hardware so there are combinations that we
recommend and those we do not.

The failure to list an OS family or Linux distribution does not imply
that YFSI will not support AuriStor on that platform.  It only implies
that there has been insufficient customer interest to this point for
YFSI to expend the necessary resources on development, testing and
certification (where applicable.)

> I have not found a price list of the products and what they contain.

You are correct.  YFSI performed a survey of various Enterprise class
software product web sites and found that very few included a price
schedule.  Please contact us.

> However, there is much "we are better" advertisement. That's not
> something that works well in all cultures.

If you have suggestions on what should be included on the web site we
are interested in hearing them.  Please contact us off the OpenAFS
mailing lists.

> My conclusion of the current "landscape" is that if you have chosen a
> closed source operating system that you pay money for, in the future
> you'll have to pay money for a decent file system as well, either
> directly to the OS vendor or to a third party. That will in the future
> be necessary for any other function enhancement as well. That trend
> will continue and sooner or later include every app(lication) that you
> want to run on that platform.

It is certainly possible to view the landscape as FOSS platforms are
better because you do not have to pay money and because there are fewer
requirements in place that are intended to enforce quality.

I have spoken with many Microsoft Program Managers and Developers.
Their reasons for enforcing the new digital signing and certification
requirements are reasonable given their goals.  They are tired of end
user systems being exploited or made unstable because of third party
products that integrate with the OS with full trust and which are not
sufficiently designed against attack or with quality and privacy in
mind.  Microsoft is committed to providing their enterprise customers
with trusted platforms whether those are hosted on physical machines
owned by the enterprise or whether they are virtual machines hosted on
HyperV or Azure.

Microsoft's staff believes they have no choice but to impose new
requirements because of the actions of various government entities from
multiple countries and the persistent attacks from crime related
organizations.

Microsoft has finally followed Apple's lead by defining an application
model that permits applications to be distributed, installed, upgraded,
and removed without altering the underlying OS footprint.  In the long
run this is going to be a big win for consumers because of the increased
stability it will bring.  However, it is also true that this new model
of software development and deployment is going to be very expensive to
transition to because there are many assumptions embedded in existing
Windows software that are no longer true when a well-defined and
enforced application model is imposed.

For Apple the goal is to sell consumer products that are as easy to use
and maintain as a toaster.  That goal is supported by improving the
security footprint of the OS.  Doing so requires limiting the ability to
install arbitrary kernel extensions to trusted parties.

As for the argument that FOSS operating systems are better because you
do not have to pay money for them.   I do not buy into that argument.
Quality software is developed by talented humans that require housing,
food, and health care, that raise families, and that deserve the
opportunity to learn, vacation and retire.  If you want quality software
you need people, and paying people requires money.  I have yet to find a
money tree nor has a leprechaun offered me a pot of gold.

The cost of developing OpenAFS or AuriStor is no different for a FOSS
operating system such as Linux or a closed source file system such as
Oracle Solaris.  In many regards the FOSS platform has proven to be more
expensive to develop for because of the lack of stable ABIs and the
large degree of variability between distributions.

In the end, if you need a quality file system it is going to cost
someone something.  Either upfront as grants, or on the back-end through
the sales of license fees, services, acceptance of advertising and/or
loss of privacy.  Or it will come out of the quality of life of the
developers.   We have all seen what our friends that spent 15 years
sacrificing to support OpenSSL have gone through.

My life experience has taught me that it is unfair to expect people to
work for free or to work at a discount simply because a cause is worthy.
 It is fair for someone to volunteer to do something for free because
they want to but the moment that the same person is asked to do it they
should be paid for their time and expertise.

Recently the Freakonomics podcast had a relevant piece titled "Should We
Really Behave Like Economists Say We Do?"

http://freakonomics.com/2015/06/04/should-we-really-behave-like-economist=
s-say-we-do-a-new-freakonomics-radio-podcast/

Its the story of Homo Economicus,

  https://en.wikipedia.org/wiki/Homo_economicus

a human being that is a rational and self-interested actor that always
chooses the most optimal path through life.  The podcast analyzes in a
funny manner how Home Economicus would live life whether it be selecting
a mate, or choosing entertainment, or supporting public activities and
works such as voting or the arts.

I bring up this podcast because in many regards the funding or lack of
funding of FOSS is the process of rational and self-interested actions
at work.  A rational organization is not going to pay money for
something that is freely available nor are they going to fund developers
to build something that others will get to use for free.  That is the
challenge for OpenAFS.

The challenge for AuriStor is that because a large sum of money was
invested in its development those funds must be recouped from those
organizations that will benefit from its use.

In the end software development has to be a partnership between those
that build and those that deploy.  If those that deploy do not fund
those that build there will not be sufficient development hours and
talent to build the solutions those that deploy require.  The choice
between FOSS, commercial open source for customers and commercial closed
source is a business model.  The choice of business model is often
dictated by economic circumstances and the economic landscape.

Up until Feb 2012 YFSI gave everything it developed to OpenAFS.  I
stopped doing so for much the same reason that Oracle restricted access
to Solaris source code.  Distributing source code before the product
ships and begins to generate revenues undermines the ability to fund the
R&D that produces the software in the first place.

My goal is to develop software that enables our end users to deploy
applications and distribute information both within and without their
private networks using a common file namespace for all networked devices
and best of breed network security.  One of the strengths of /afs is
that it has already survived three decades.  I want it to continue to
exist a century from now.

Please direct all future questions about AuriStor to Your File System Inc=
=2E

Please join the OpenAFS Foundation Discuss mailing list to discuss
funding models for OpenAFS

  http://lists.openafs.org/mailman/listinfo/foundation-discuss

Jeffrey Altman

P.S. My apologies for the long reply.


--------------ms090004050607080208010601
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIINXTCC
BkIwggUqoAMCAQICEDirAC//rpa3Vv85Wvtd5xswDQYJKoZIhvcNAQEFBQAwgcoxCzAJBgNV
BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1
c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0
aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24gQ2xhc3MgMSBQdWJsaWMgUHJp
bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEczMB4XDTExMDkwMTAwMDAwMFoXDTIx
MDgzMTIzNTk1OVowgaYxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3Jh
dGlvbjEfMB0GA1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEeMBwGA1UECxMVUGVyc29u
YSBOb3QgVmFsaWRhdGVkMTcwNQYDVQQDEy5TeW1hbnRlYyBDbGFzcyAxIEluZGl2aWR1YWwg
U3Vic2NyaWJlciBDQSAtIEc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuwn
/R1j9DsdisHTHMjIgoa2uEqGkqqBXHLKMA0vnkEiVzAhJZCao/SsKsaIF4ZhchN2LuwDyyeb
jyCAN+DkitpVplAP/LlcI2mJQqG6H6/vDvmkyQrx+DeyxtmSSq5937hEH5u6P4wG/tgjT0hR
I2pghKjuJy9g35byGiqMPI8AzE/L+iCOvDX24fCatgXz/B0/xhR7DtryBeTTgwKmxWlwtKnk
VunbHVz0pjbia7UeKi3cvrvuOgSwMAitX2hsxr0GloiE5+apZC28ODC7iCbDZ2ZmtLR3+cCh
xw5y72bi5bnK4POFdzWY3tQcsP5mceI4y258T0BV65fZqBge7QIDAQABo4ICRDCCAkAwOAYI
KwYBBQUHAQEELDAqMCgGCCsGAQUFBzABhhxodHRwOi8vcGtpLW9jc3AudmVyaXNpZ24uY29t
MBIGA1UdEwEB/wQIMAYBAf8CAQAwbAYDVR0gBGUwYzBhBgtghkgBhvhFAQcXATBSMCYGCCsG
AQUFBwIBFhpodHRwOi8vd3d3LnN5bWF1dGguY29tL2NwczAoBggrBgEFBQcCAjAcGhpodHRw
Oi8vd3d3LnN5bWF1dGguY29tL3JwYTA0BgNVHR8ELTArMCmgJ6AlhiNodHRwOi8vY3JsLnZl
cmlzaWduLmNvbS9wY2ExLWczLmNybDAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0RBCIwIKQeMBwx
GjAYBgNVBAMTEVZlcmlTaWduTVBLSS0yLTk3MB0GA1UdDgQWBBSt+cOTci21uShh5KTXYNXE
Cl4aATCB8QYDVR0jBIHpMIHmoYHQpIHNMIHKMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVy
aVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsT
MShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBD
BgNVBAMTPFZlcmlTaWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBB
dXRob3JpdHkgLSBHM4IRAItbdVaEVIULAM+vOEjOsaQwDQYJKoZIhvcNAQEFBQADggEBANaP
wdqbiPKzbE0fWC+6AVFddMFG6MO4e5/WQPHv/zK6iWvADjRDn6SZ5qTwXUgzYoWFYf4jiCKM
YJsrnGVJlMSiOCRIpVylUEto6WIip5PomSJuPVu7EEIOH0x1RzRWCY/4vYw881y70pZwVHBi
Te/REL6dSCxe7IZrB4LwPeElJygs4BZ2HrP95WKW0oo9Xyuu+1zCE7dlY8s0dkOf1oeZq26t
lcEAP0Yngf813iMOQ9wUXzL5yinvwlIw9ZnduYH4OiUgjYJo8rkhhXRmBOGGORYy8i3WKqjJ
3tkAAk/jGCDFpYFWtpXe04Kt+HslvmR8LqC6cCz4+XXidE0HbYQwggcTMIIF+6ADAgECAhAW
xDBJuKAcJVa7b+TJhwvEMA0GCSqGSIb3DQEBBQUAMIGmMQswCQYDVQQGEwJVUzEdMBsGA1UE
ChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdv
cmsxHjAcBgNVBAsTFVBlcnNvbmEgTm90IFZhbGlkYXRlZDE3MDUGA1UEAxMuU3ltYW50ZWMg
Q2xhc3MgMSBJbmRpdmlkdWFsIFN1YnNjcmliZXIgQ0EgLSBHNDAeFw0xNDEyMTgwMDAwMDBa
Fw0xNTEyMTkyMzU5NTlaMIHOMS4wLAYDVQQDDCVQZXJzb25hIE5vdCBWYWxpZGF0ZWQgLSAx
NDE4ODgyMzg2MTAyMSswKQYJKoZIhvcNAQkBFhxqYWx0bWFuQHlvdXItZmlsZS1zeXN0ZW0u
Y29tMQ8wDQYDVQQLDAZTL01JTUUxHjAcBgNVBAsMFVBlcnNvbmEgTm90IFZhbGlkYXRlZDEf
MB0GA1UECwwWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEdMBsGA1UECgwUU3ltYW50ZWMgQ29y
cG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCteTFLbuPm2vx85lH2
Y6LHdMIqcKQPN9m4XYVTe0L8ZvMvnJ1YQ720ET52CF18RYdTc4to92+ffdmjWlBedK4YtLam
htsUkJ6WL3krwNVTYfeej0wgF9kVQ2FI8XTNngxnJ2CRkQX4Z9/1TI4wTkSNcAw5T0Y2HKM9
4p7wAJOefl+3oPwxXn338w8T7LsfwS9FOADZ8uRItv/J7S8BJEP0XtjZZlBoSyqQ4qxl5PtI
uybHVdwoo2PlK8LxU6r8Vcje1+OXmc5VoCBlXiYDWHl/wSDtZEWR6431/az1Z45n1AHHber2
G+Ijb0nF4RLiiFMkyJl3qx+46wqcqWrjrRxDAgMBAAGjggMRMIIDDTAMBgNVHRMBAf8EAjAA
MA4GA1UdDwEB/wQEAwIFoDAgBgNVHSUBAf8EFjAUBggrBgEFBQcDBAYIKwYBBQUHAwIwHQYD
VR0OBBYEFBUlv/9jizZz4uwaFtPzwdX6FsqwMCcGA1UdEQQgMB6BHGphbHRtYW5AeW91ci1m
aWxlLXN5c3RlbS5jb20wHwYDVR0jBBgwFoAUrfnDk3IttbkoYeSk12DVxApeGgEwggErBggr
BgEFBQcBAQSCAR0wggEZMIIBFQYIKwYBBQUHMAKGggEHbGRhcDovL2RpcmVjdG9yeS52ZXJp
c2lnbi5jb20vQ04lMjAlM0QlMjBTeW1hbnRlYyUyMENsYXNzJTIwMSUyMEluZGl2aWR1YWwl
MjBTdWJzY3JpYmVyJTIwQ0ElMjAtJTIwRzQlMkMlMjBPVSUyMCUzRCUyMFBlcnNvbmElMjBO
b3QlMjBWYWxpZGF0ZWQlMkMlMjBPVSUyMCUzRCUyMFN5bWFudGVjJTIwVHJ1c3QlMjBOZXR3
b3JrJTJDJTIwTyUyMCUzRCUyMFN5bWFudGVjJTIwQ29ycG9yYXRpb24lMkMlMjBDJTIwJTNE
JTIwVVM/Y0FDZXJ0aWZpY2F0ZTtiaW5hcnkwXQYDVR0fBFYwVDBSoFCgToZMaHR0cDovL3Br
aS1jcmwuc3ltYXV0aC5jb20vY2FfNTYxYzEwMzY5MGM5N2E2OTI0N2EwZWYwNzFhYzgxYWYv
TGF0ZXN0Q1JMLmNybDBsBgNVHSAEZTBjMGEGC2CGSAGG+EUBBxcBMFIwJgYIKwYBBQUHAgEW
Gmh0dHA6Ly93d3cuc3ltYXV0aC5jb20vY3BzMCgGCCsGAQUFBwICMBwaGmh0dHA6Ly93d3cu
c3ltYXV0aC5jb20vcnBhMCsGCmCGSAGG+EUBEAMEHTAbBhJghkgBhvhFARABAgIEAYbHzm8W
BTEwOTIyMDkGCmCGSAGG+EUBEAUEKzApAgEAFiRhSFIwY0hNNkx5OXdhMmt0Y21FdWMzbHRZ
WFYwYUM1amIyMD0wDQYJKoZIhvcNAQEFBQADggEBAJIvoMatM56/QjaVAlEUbeWZNOPkwuiC
gaaekWJi1h33fAVfdF+WZqh7dF4hBNalyPuxRcyZX7HxuPyBc3ajDCqew9MlmCJ3Cm4Co3fZ
Yh50OX4jnem2RmpHeKbJW6zUjZcAGqV6DPMl04kgrI2whJX7729HoRyUPwZS7CZSRFZO147X
2+/JogDYKffa/+q5AwgrHYvdECHxc3Iz9KnHSmit+DhWS9t+XxE0gHr3sW7zwcQ/GYyrJ3s3
VdWHTjM+3iGFeTOI06h1aBgFR/+8fTmuZXZz9+OdWVar0Crt9bn0cFN3u00Q6YAyjYhRnbXy
zYVIOS4oJmRoK79p/xodeDUxggRSMIIETgIBATCBuzCBpjELMAkGA1UEBhMCVVMxHTAbBgNV
BAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3
b3JrMR4wHAYDVQQLExVQZXJzb25hIE5vdCBWYWxpZGF0ZWQxNzA1BgNVBAMTLlN5bWFudGVj
IENsYXNzIDEgSW5kaXZpZHVhbCBTdWJzY3JpYmVyIENBIC0gRzQCEBbEMEm4oBwlVrtv5MmH
C8QwCQYFKw4DAhoFAKCCAmswGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0B
CQUxDxcNMTUwNjIxMTYzODEyWjAjBgkqhkiG9w0BCQQxFgQUQ896zd94JyBXxkYD8xGwlxBi
TYYwbAYJKoZIhvcNAQkPMV8wXTALBglghkgBZQMEASowCwYJYIZIAWUDBAECMAoGCCqGSIb3
DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0D
AgIBKDCBzAYJKwYBBAGCNxAEMYG+MIG7MIGmMQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3lt
YW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxHjAc
BgNVBAsTFVBlcnNvbmEgTm90IFZhbGlkYXRlZDE3MDUGA1UEAxMuU3ltYW50ZWMgQ2xhc3Mg
MSBJbmRpdmlkdWFsIFN1YnNjcmliZXIgQ0EgLSBHNAIQFsQwSbigHCVWu2/kyYcLxDCBzgYL
KoZIhvcNAQkQAgsxgb6ggbswgaYxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBD
b3Jwb3JhdGlvbjEfMB0GA1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEeMBwGA1UECxMV
UGVyc29uYSBOb3QgVmFsaWRhdGVkMTcwNQYDVQQDEy5TeW1hbnRlYyBDbGFzcyAxIEluZGl2
aWR1YWwgU3Vic2NyaWJlciBDQSAtIEc0AhAWxDBJuKAcJVa7b+TJhwvEMA0GCSqGSIb3DQEB
AQUABIIBAEpkfm2WDDOIN7HWtduWjBQHvzVzplG0T+22PUdtW6ifaL3G40S1bTnJPTYEPgQO
4ACRxhYanN6bqfB64oenQz2OQBX4sMs8eCkLC9XDuW+wEFUmH5gedkOUDv7aliAuuhl3UAG+
VrtVAUEaAzc7l1wjtIfzqMjXuPHUzipxKpsDncdFeMrAfmt90CxskB7VNFgX9etjE43MEK8U
dBvvCsJ/ArPSTA+oUIa6tgpcn/Wy8dzhSkYgaaxrfuwfXcncJEymfCs6RKJd49Uy24CN6BKb
JcqVhzE0Q0cZWCUAIK+9Q/gNBdkXE8c7uOPwVvnzgri0qCnzdbCRISIlCuMrDxwAAAAAAAA=
--------------ms090004050607080208010601--